Format: 1.8 Date: Fri, 22 May 2020 11:54:19 -0400 Source: perl Architecture: source Version: 5.30.0-9ubuntu0.1 Distribution: focal-security Urgency: medium Maintainer: Ubuntu Developers Changed-By: Marc Deslauriers Changes: perl (5.30.0-9ubuntu0.1) focal-security; urgency=medium . * SECURITY UPDATE: heap buffer overflow in regex compiler - debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow from nested regex quantifiers in regcomp.c. - CVE-2020-10543 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-10878-1.patch: extract rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c. - debian/patches/fixes/CVE-2020-10878-2.patch: use long jumps if there is any possibility of overflow in regcomp.c. - CVE-2020-10878 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c, t/re/pat.t. - CVE-2020-12723 Checksums-Sha1: 69303f16490bfa56d75d481a50ee1c2bc1cab40c 2962 perl_5.30.0-9ubuntu0.1.dsc 71c93e8755ced63932a0b93e098185724c9b3b12 167196 perl_5.30.0-9ubuntu0.1.debian.tar.xz c1a028ff4be76b487a8f93ca55be5fa875d66491 6272 perl_5.30.0-9ubuntu0.1_source.buildinfo Checksums-Sha256: 065d1d20106a0df9f0e96101cd5def98b1aa09e4c0c07f691eded12a05f44713 2962 perl_5.30.0-9ubuntu0.1.dsc 2e5287ca4c7ceea2f6d1054c68b3cfcdccaf3acfd30edd27903fb6bff7ffbb00 167196 perl_5.30.0-9ubuntu0.1.debian.tar.xz 2f67e46df1ca9be4c0f978573b7dd47c816f6be53c1d33e5ec564d453ce13a41 6272 perl_5.30.0-9ubuntu0.1_source.buildinfo Files: 99a08f6bf0afb288c8f36278e176ca8d 2962 perl standard perl_5.30.0-9ubuntu0.1.dsc 36082a41eed8c74a68bb520b038741fe 167196 perl standard perl_5.30.0-9ubuntu0.1.debian.tar.xz 7e8597eea5d56423d4050a6e41c2de7e 6272 perl standard perl_5.30.0-9ubuntu0.1_source.buildinfo Original-Maintainer: Niko Tyni